yet another SQL injection

Here I am again, fishing MD5 hashed passwords along with usernames, after successfully exploiting an SQL injection vulnerability in a website. “the website identity will remain enclosed at the time being due to the sensitivity of the operation”

I had to tune my injection multiple times until I was able to extract full data at once and not byte-by-byte extraction.

In order to extract the complete ~950 hashes, I wrote a small python script to automate the process.